EEye to build world's largest honeypot

EEye's Blink offers a single application to protect against buffer overflow and phishing attacks

Enterprise security vendor eEye is preparing to unveil a free version of its Blink security software for consumers. 

Blink offers a single application that protects against buffer overflow and phishing attacks. It also offers intrusion prevention, application white-listing and location-specific security settings.

Consumers will be asked to share data on attacks that target their computers. The software will then act as the world's largest honeypot, allowing the firm to collect samples of live exploits and malware as soon as they become available.

EEye chief executive Ross Brown told vnunet.com that he is hoping for a "one million strong honeypot". 

A honeypot is a computer set up to collect security data by deliberately attracting online attacks. The information is used to analyse new attacks and attack methods.
The idea is that attackers will cast a wide net, distributing malware through spam or by scanning random systems for common security vulnerabilities.

But Brown believes that the technique has lost its value in today's world. Instead of going after a wide range of targets, criminals are increasingly using targeted attacks where malware is sent to only a few recipients within a company.

If such highly targeted malware succeeds in evading security researchers, attackers will remain successful at exploiting software flaws and using new attack methods.

In addition to building a honeypot, Brown expects that the free consumer version will drive sales of eEye's enterprise software that costs $60 per seat.

The consumer product will appeal mostly to power users in IT departments. The company hopes that their experiences using the free version will cause them to promote the software at work.

Brown prides himself on the fact that none of eEye's enterprise customers has been hit by a remote exploit since June 2004.

He claims that Blink will mitigate against most zero-day vulnerabilities, allowing users additional time to properly test and deploy software patches.

But it remains to be seen how much traction the software will gain in the consumer market. Some of the features are designed specifically for enterprises and may have only limited appeal with consumers.

The application offers to disable external USB storage devices and hard drives from accessing a device, for instance.

Blink Personal is based on Blink 2.5 which started shipping in September. The consumer version will launch officially on 23 October and is available for download from eEye's website.